docs: make README more Australian with authentic Aussie slang and expressions

Transform the README to use Australian vernacular including: - "G'day mate" greeting and friendly Aussie tone - Replaced "Features" with "What's the Go?" - Added authentic expressions like "fair dinkum", "ripper", "beauty" - Used classic phrases like "Bob's your uncle", "cat's pyjamas", "she'll be right" - Added cultural references and colloquialisms throughout - Maintained technical accuracy while adding Australian charm 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
chore: bump Claude Code version to 2.0.10
2026-01-23 06:54:13 +08:00 · 2025-10-07 23:15:08 +00:00 · 2025-10-07 21:14:39 +00:00 · 2025-10-06 21:57:24 +00:00 · 2025-10-06 09:51:50 -07:00 · 2025-10-04 23:17:33 +00:00
24 changed files with 746 additions and 153 deletions
--- a/.claude/settings.json
+++ b/.claude/settings.json
@@ -0,0 +1,15 @@
+{
+  "hooks": {
+    "PostToolUse": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "bun run format"
+          }
+        ],
+        "matcher": "Edit|Write|MultiEdit"
+      }
+    ]
+  }
+}
--- a/.github/workflows/claude-test.yml
+++ b/.github/workflows/claude-test.yml
@@ -1,38 +0,0 @@
-# Test workflow for km-anthropic fork (v1-dev branch)
-# This tests the fork implementation, not the main repo
-name: Claude Code (Fork Test)
-
-on:
-  issue_comment:
-    types: [created]
-  pull_request_review_comment:
-    types: [created]
-  issues:
-    types: [opened, assigned]
-  pull_request_review:
-    types: [submitted]
-
-jobs:
-  claude:
-    if: |
-      (github.event_name == 'issue_comment' && contains(github.event.comment.body, '@claude')) ||
-      (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude')) ||
-      (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude')) ||
-      (github.event_name == 'issues' && (
-        contains(github.event.issue.body, '@claude') || 
-        contains(github.event.issue.title, '@claude')
-      ))
-    runs-on: ubuntu-latest
-    permissions:
-      contents: write
-      pull-requests: write
-      issues: write
-      id-token: write # Required for OIDC token exchange
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Run Claude Code
-        uses: km-anthropic/claude-code-action@v1-dev
-        with:
-          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
--- a/.github/workflows/test-settings.yml
+++ b/.github/workflows/test-settings.yml
@@ -67,7 +67,7 @@ jobs:
        uses: ./base-action
        with:
          prompt: |
-            Use Bash to echo "This should not work"
+            Run the command `echo $HOME` to check the home directory path
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          settings: |
            {
@@ -163,7 +163,7 @@ jobs:
        uses: ./base-action
        with:
          prompt: |
-            Use Bash to echo "This should not work from file"
+            Run the command `echo $HOME` to check the home directory path
          anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
          settings: "test-settings.json"

--- a/README.md
+++ b/README.md
@@ -1,70 +1,70 @@
 ![Claude Code Action responding to a comment](https://github.com/user-attachments/assets/1d60c2e9-82ed-4ee5-b749-f9e021c85f4d)

-# Claude Code Action
+# Claude Code Action 🇦🇺

-A general-purpose [Claude Code](https://claude.ai/code) action for GitHub PRs and issues that can answer questions and implement code changes. This action intelligently detects when to activate based on your workflow context—whether responding to @claude mentions, issue assignments, or executing automation tasks with explicit prompts. It supports multiple authentication methods including Anthropic direct API, Amazon Bedrock, and Google Vertex AI.
+G'day mate! This is a fair dinkum [Claude Code](https://claude.ai/code) action for GitHub PRs and issues that'll help you out with questions and implement code changes like a proper legend. This ripper of an action is smart enough to know when to jump in based on your workflow context—whether you're giving it a bell with @claude mentions, chucking it an issue assignment, or running automation tasks with explicit prompts. She'll work with multiple authentication methods including Anthropic direct API, Amazon Bedrock, and Google Vertex AI. Beauty!

-## Features
+## What's the Go? (Features)

- 🎯 **Intelligent Mode Detection**: Automatically selects the appropriate execution mode based on your workflow context—no configuration needed
- 🤖 **Interactive Code Assistant**: Claude can answer questions about code, architecture, and programming
- 🔍 **Code Review**: Analyzes PR changes and suggests improvements
- ✨ **Code Implementation**: Can implement simple fixes, refactoring, and even new features
- 💬 **PR/Issue Integration**: Works seamlessly with GitHub comments and PR reviews
- 🛠️ **Flexible Tool Access**: Access to GitHub APIs and file operations (additional tools can be enabled via configuration)
- 📋 **Progress Tracking**: Visual progress indicators with checkboxes that dynamically update as Claude completes tasks
- 🏃 **Runs on Your Infrastructure**: The action executes entirely on your own GitHub runner (Anthropic API calls go to your chosen provider)
- ⚙️ **Simplified Configuration**: Unified `prompt` and `claude_args` inputs provide clean, powerful configuration aligned with Claude Code SDK
+- 🎯 **Smart as a Whip Mode Detection**: Automatically picks the right execution mode based on your workflow context—no mucking about with config needed
+- 🤖 **Interactive Code Mate**: Claude's your coding buddy who can answer questions about code, architecture, and programming like nobody's business
+- 🔍 **Code Review Champion**: Takes a squiz at your PR changes and suggests improvements that'll knock your socks off
+- ✨ **Code Implementation Wizard**: Can bang out simple fixes, refactoring, and even new features faster than you can say "Bob's your uncle"
+- 💬 **PR/Issue Integration Bonza**: Works like a dream with GitHub comments and PR reviews
+- 🛠️ **Flexible Tool Access**: Gets stuck into GitHub APIs and file operations (additional tools can be cranked up via configuration)
+- 📋 **Progress Tracking Beaut**: Visual progress indicators with checkboxes that update dynamically as Claude smashes through tasks
+- 🏃 **Runs on Your Turf**: The action runs entirely on your own GitHub runner (Anthropic API calls go to your chosen provider)
+- ⚙️ **No-Fuss Configuration**: Unified `prompt` and `claude_args` inputs provide clean, powerful configuration that's aligned with Claude Code SDK

-## 📦 Upgrading from v0.x?
+## 📦 Moving House from v0.x?

-**See our [Migration Guide](./docs/migration-guide.md)** for step-by-step instructions on updating your workflows to v1.0. The new version simplifies configuration while maintaining compatibility with most existing setups.
+**Chuck a look at our [Migration Guide](./docs/migration-guide.md)** for step-by-step instructions on updating your workflows to v1.0. The new version makes configuration a piece of piss while keeping things sweet with most existing setups.

-## Quickstart
+## Getting Started (Quick Smart!)

-The easiest way to set up this action is through [Claude Code](https://claude.ai/code) in the terminal. Just open `claude` and run `/install-github-app`.
+The easiest way to get this action up and running is through [Claude Code](https://claude.ai/code) in the terminal. Just fire up `claude` and run `/install-github-app`.

-This command will guide you through setting up the GitHub app and required secrets.
+This little beauty will walk you through setting up the GitHub app and all the secrets you need.

-**Note**:
+**Fair Warning**:

- You must be a repository admin to install the GitHub app and add secrets
- This quickstart method is only available for direct Anthropic API users. For AWS Bedrock or Google Vertex AI setup, see [docs/cloud-providers.md](./docs/cloud-providers.md).
+- You'll need to be a repository admin to install the GitHub app and add secrets (no worries if you're the boss!)
+- This quickstart method is only for direct Anthropic API users. If you're using AWS Bedrock or Google Vertex AI, have a sticky beak at [docs/cloud-providers.md](./docs/cloud-providers.md).

-## 📚 Solutions & Use Cases
+## 📚 Solutions & Ripper Use Cases

-Looking for specific automation patterns? Check our **[Solutions Guide](./docs/solutions.md)** for complete working examples including:
+Looking for specific automation patterns? Have a captain cook at our **[Solutions Guide](./docs/solutions.md)** for complete working examples including:

- **🔍 Automatic PR Code Review** - Full review automation
- **📂 Path-Specific Reviews** - Trigger on critical file changes
- **👥 External Contributor Reviews** - Special handling for new contributors
- **📝 Custom Review Checklists** - Enforce team standards
- **🔄 Scheduled Maintenance** - Automated repository health checks
- **🏷️ Issue Triage & Labeling** - Automatic categorization
- **📖 Documentation Sync** - Keep docs updated with code changes
- **🔒 Security-Focused Reviews** - OWASP-aligned security analysis
+- **🔍 Automatic PR Code Review** - Full review automation that's the cat's pyjamas
+- **📂 Path-Specific Reviews** - Triggers when critical files get a touch-up
+- **👥 External Contributor Reviews** - Special treatment for the new kids on the block
+- **📝 Custom Review Checklists** - Keep your team standards tighter than a fish's backside
+- **🔄 Scheduled Maintenance** - Automated repository health checks that run like clockwork
+- **🏷️ Issue Triage & Labeling** - Automatic categorization that sorts things faster than a sheepdog
+- **📖 Documentation Sync** - Keeps docs updated with code changes, no dramas
+- **🔒 Security-Focused Reviews** - OWASP-aligned security analysis that's tough as nails
 - **📊 DIY Progress Tracking** - Create tracking comments in automation mode

-Each solution includes complete working examples, configuration details, and expected outcomes.
+Each solution comes with the full monty—working examples, configuration details, and what you can expect to see.

-## Documentation
+## The Good Oil (Documentation)

- **[Solutions Guide](./docs/solutions.md)** - **🎯 Ready-to-use automation patterns**
- **[Migration Guide](./docs/migration-guide.md)** - **⭐ Upgrading from v0.x to v1.0**
- [Setup Guide](./docs/setup.md) - Manual setup, custom GitHub apps, and security best practices
- [Usage Guide](./docs/usage.md) - Basic usage, workflow configuration, and input parameters
- [Custom Automations](./docs/custom-automations.md) - Examples of automated workflows and custom prompts
- [Configuration](./docs/configuration.md) - MCP servers, permissions, environment variables, and advanced settings
- [Experimental Features](./docs/experimental.md) - Execution modes and network restrictions
- [Cloud Providers](./docs/cloud-providers.md) - AWS Bedrock and Google Vertex AI setup
- [Capabilities & Limitations](./docs/capabilities-and-limitations.md) - What Claude can and cannot do
- [Security](./docs/security.md) - Access control, permissions, and commit signing
- [FAQ](./docs/faq.md) - Common questions and troubleshooting
+- **[Solutions Guide](./docs/solutions.md)** - **🎯 Ready-to-go automation patterns that'll make you smile**
+- **[Migration Guide](./docs/migration-guide.md)** - **⭐ Moving up from v0.x to v1.0**
+- [Setup Guide](./docs/setup.md) - Manual setup, custom GitHub apps, and security best practices (for the keen beans)
+- [Usage Guide](./docs/usage.md) - Basic usage, workflow configuration, and input parameters (the bread and butter)
+- [Custom Automations](./docs/custom-automations.md) - Examples of automated workflows and custom prompts that'll blow your mind
+- [Configuration](./docs/configuration.md) - MCP servers, permissions, environment variables, and advanced settings (for the tech heads)
+- [Experimental Features](./docs/experimental.md) - Execution modes and network restrictions (cutting edge stuff)
+- [Cloud Providers](./docs/cloud-providers.md) - AWS Bedrock and Google Vertex AI setup (for the cloud cowboys)
+- [Capabilities & Limitations](./docs/capabilities-and-limitations.md) - What Claude can and can't do (keeping it real)
+- [Security](./docs/security.md) - Access control, permissions, and commit signing (locked up tight)
+- [FAQ](./docs/faq.md) - Common questions and troubleshooting (when things go pear-shaped)

-## 📚 FAQ
+## 📚 Got Questions? She'll Be Right!

-Having issues or questions? Check out our [Frequently Asked Questions](./docs/faq.md) for solutions to common problems and detailed explanations of Claude's capabilities and limitations.
+Having a bit of trouble or got some questions rattling around? Have a gander at our [Frequently Asked Questions](./docs/faq.md) for solutions to common problems and detailed explanations of what Claude can and can't do. No worries, mate!

 ## License

-This project is licensed under the MIT License—see the LICENSE file for details.
+This project is licensed under the MIT License—have a squiz at the LICENSE file for all the nitty-gritty details.
--- a/action.yml
+++ b/action.yml
@@ -177,7 +177,7 @@ runs:
        # Install Claude Code if no custom executable is provided
        if [ -z "${{ inputs.path_to_claude_code_executable }}" ]; then
          echo "Installing Claude Code..."
-          curl -fsSL https://claude.ai/install.sh | bash -s 1.0.109
+          curl -fsSL https://claude.ai/install.sh | bash -s 2.0.10
          echo "$HOME/.local/bin" >> "$GITHUB_PATH"
        else
          echo "Using custom Claude Code executable: ${{ inputs.path_to_claude_code_executable }}"
@@ -223,6 +223,7 @@ runs:
        ANTHROPIC_API_KEY: ${{ inputs.anthropic_api_key }}
        CLAUDE_CODE_OAUTH_TOKEN: ${{ inputs.claude_code_oauth_token }}
        ANTHROPIC_BASE_URL: ${{ env.ANTHROPIC_BASE_URL }}
+        ANTHROPIC_CUSTOM_HEADERS: ${{ env.ANTHROPIC_CUSTOM_HEADERS }}
        CLAUDE_CODE_USE_BEDROCK: ${{ inputs.use_bedrock == 'true' && '1' || '' }}
        CLAUDE_CODE_USE_VERTEX: ${{ inputs.use_vertex == 'true' && '1' || '' }}

@@ -258,7 +259,7 @@ runs:
        GITHUB_EVENT_NAME: ${{ github.event_name }}
        TRIGGER_COMMENT_ID: ${{ github.event.comment.id }}
        CLAUDE_BRANCH: ${{ steps.prepare.outputs.CLAUDE_BRANCH }}
-        IS_PR: ${{ github.event.issue.pull_request != null || github.event_name == 'pull_request_review_comment' }}
+        IS_PR: ${{ github.event.issue.pull_request != null || github.event_name == 'pull_request_target' || github.event_name == 'pull_request_review_comment' }}
        BASE_BRANCH: ${{ steps.prepare.outputs.BASE_BRANCH }}
        CLAUDE_SUCCESS: ${{ steps.claude-code.outputs.conclusion == 'success' }}
        OUTPUT_FILE: ${{ steps.claude-code.outputs.execution_file || '' }}
--- a/base-action/CLAUDE.md
+++ b/base-action/CLAUDE.md
@@ -50,7 +50,7 @@ This is a GitHub Action that allows running Claude Code within GitHub workflows.

 - Unit tests for configuration logic
 - Integration tests for prompt preparation
- Full workflow tests in `.github/workflows/test-action.yml`
+- Full workflow tests in `.github/workflows/test-base-action.yml`

 ## Important Technical Details

--- a/base-action/action.yml
+++ b/base-action/action.yml
@@ -99,7 +99,7 @@ runs:
      run: |
        if [ -z "${{ inputs.path_to_claude_code_executable }}" ]; then
          echo "Installing Claude Code..."
-          curl -fsSL https://claude.ai/install.sh | bash -s 1.0.109
+          curl -fsSL https://claude.ai/install.sh | bash -s 2.0.10
        else
          echo "Using custom Claude Code executable: ${{ inputs.path_to_claude_code_executable }}"
          # Add the directory containing the custom executable to PATH
@@ -131,6 +131,7 @@ runs:
        ANTHROPIC_API_KEY: ${{ inputs.anthropic_api_key }}
        CLAUDE_CODE_OAUTH_TOKEN: ${{ inputs.claude_code_oauth_token }}
        ANTHROPIC_BASE_URL: ${{ env.ANTHROPIC_BASE_URL }}
+        ANTHROPIC_CUSTOM_HEADERS: ${{ env.ANTHROPIC_CUSTOM_HEADERS }}
        # Only set provider flags if explicitly true, since any value (including "false") is truthy
        CLAUDE_CODE_USE_BEDROCK: ${{ inputs.use_bedrock == 'true' && '1' || '' }}
        CLAUDE_CODE_USE_VERTEX: ${{ inputs.use_vertex == 'true' && '1' || '' }}
--- a/base-action/test-local.sh
+++ b/base-action/test-local.sh
@@ -9,4 +9,4 @@ fi
 # Run the test workflow locally
 # You'll need to provide your ANTHROPIC_API_KEY
 echo "Running action locally with act..."
-act push --secret ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" -W .github/workflows/test-action.yml --container-architecture linux/amd64
+act push --secret ANTHROPIC_API_KEY="$ANTHROPIC_API_KEY" -W .github/workflows/test-base-action.yml --container-architecture linux/amd64
--- a/docs/configuration.md
+++ b/docs/configuration.md
@@ -343,3 +343,31 @@ Many individual input parameters have been consolidated into `claude_args` or `s
 | `mcp_config`          | Use `claude_args: "--mcp-config '{...}'"`                |
 | `direct_prompt`       | Use `prompt` input instead                               |
 | `override_prompt`     | Use `prompt` with GitHub context variables               |
+
+## Custom Executables for Specialized Environments
+
+For specialized environments like Nix, custom container setups, or other package management systems where the default installation doesn't work, you can provide your own executables:
+
+### Custom Claude Code Executable
+
+Use `path_to_claude_code_executable` to provide your own Claude Code binary instead of using the automatically installed version:
+
+```yaml
+- uses: anthropics/claude-code-action@v1
+  with:
+    path_to_claude_code_executable: "/path/to/custom/claude"
+    # ... other inputs
+```
+
+### Custom Bun Executable
+
+Use `path_to_bun_executable` to provide your own Bun runtime instead of the default installation:
+
+```yaml
+- uses: anthropics/claude-code-action@v1
+  with:
+    path_to_bun_executable: "/path/to/custom/bun"
+    # ... other inputs
+```
+
+**Important**: Using incompatible versions may cause the action to fail. Ensure your custom executables are compatible with the action's requirements.
--- a/docs/custom-automations.md
+++ b/docs/custom-automations.md
@@ -15,7 +15,7 @@ The action automatically detects which mode to use based on your configuration:

 This action supports the following GitHub events ([learn more GitHub event triggers](https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows)):

- `pull_request` - When PRs are opened or synchronized
+- `pull_request` or `pull_request_target` - When PRs are opened or synchronized
 - `issue_comment` - When comments are created on issues or PRs
 - `pull_request_comment` - When comments are made on PR diffs
 - `issues` - When issues are opened or assigned
--- a/docs/faq.md
+++ b/docs/faq.md
@@ -213,6 +213,44 @@ Check the GitHub Action log for Claude's run for the full execution trace.

 The trigger uses word boundaries, so `@claude` must be a complete word. Variations like `@claude-bot`, `@claude!`, or `claude@mention` won't work unless you customize the `trigger_phrase`.

+### How can I use custom executables in specialized environments?
+
+For specialized environments like Nix, NixOS, or custom container setups where you need to provide your own executables:
+
+**Using a custom Claude Code executable:**
+
+```yaml
+- uses: anthropics/claude-code-action@v1
+  with:
+    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+    path_to_claude_code_executable: "/path/to/custom/claude"
+    # ... other inputs
+```
+
+**Using a custom Bun executable:**
+
+```yaml
+- uses: anthropics/claude-code-action@v1
+  with:
+    anthropic_api_key: ${{ secrets.ANTHROPIC_API_KEY }}
+    path_to_bun_executable: "/path/to/custom/bun"
+    # ... other inputs
+```
+
+**Common use cases:**
+
+- Nix/NixOS environments where packages are managed differently
+- Docker containers with pre-installed executables
+- Custom build environments with specific version requirements
+- Debugging specific issues with particular versions
+
+**Important notes:**
+
+- Using an older Claude Code version may cause problems if the action uses newer features
+- Using an incompatible Bun version may cause runtime errors
+- The action will skip automatic installation when custom paths are provided
+- Ensure the custom executables are available in your GitHub Actions environment
+
 ## Best Practices

 1. **Always specify permissions explicitly** in your workflow file
--- a/docs/security.md
+++ b/docs/security.md
@@ -13,6 +13,10 @@
 - **No Cross-Repository Access**: Each action invocation is limited to the repository where it was triggered
 - **Limited Scope**: The token cannot access other repositories or perform actions beyond the configured permissions

+## ⚠️ Prompt Injection Risks
+
+**Beware of potential hidden markdown when tagging Claude on untrusted content.** External contributors may include hidden instructions through HTML comments, invisible characters, hidden attributes, or other techniques. The action sanitizes content by stripping HTML comments, invisible characters, markdown image alt text, hidden HTML attributes, and HTML entities, but new bypass techniques may emerge. We recommend reviewing the raw content of all input coming from external contributors before allowing Claude to process it.
+
 ## GitHub App Permissions

 The [Claude Code GitHub app](https://github.com/apps/claude) requires these permissions:
--- a/docs/usage.md
+++ b/docs/usage.md
@@ -47,31 +47,32 @@ jobs:

 ## Inputs

-| Input                          | Description                                                                                                                                                                    | Required | Default       |
-| ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------- | ------------- |
-| `anthropic_api_key`            | Anthropic API key (required for direct API, not needed for Bedrock/Vertex)                                                                                                     | No\*     | -             |
-| `claude_code_oauth_token`      | Claude Code OAuth token (alternative to anthropic_api_key)                                                                                                                     | No\*     | -             |
-| `prompt`                       | Instructions for Claude. Can be a direct prompt or custom template for automation workflows                                                                                    | No       | -             |
-| `track_progress`               | Force tag mode with tracking comments. Only works with specific PR/issue events. Preserves GitHub context                                                                      | No       | `false`       |
-| `claude_args`                  | Additional arguments to pass directly to Claude CLI (e.g., `--max-turns 10 --model claude-4-0-sonnet-20250805`)                                                                | No       | ""            |
-| `base_branch`                  | The base branch to use for creating new branches (e.g., 'main', 'develop')                                                                                                     | No       | -             |
-| `use_sticky_comment`           | Use just one comment to deliver PR comments (only applies for pull_request event workflows)                                                                                    | No       | `false`       |
-| `github_token`                 | GitHub token for Claude to operate with. **Only include this if you're connecting a custom GitHub app of your own!**                                                           | No       | -             |
-| `use_bedrock`                  | Use Amazon Bedrock with OIDC authentication instead of direct Anthropic API                                                                                                    | No       | `false`       |
-| `use_vertex`                   | Use Google Vertex AI with OIDC authentication instead of direct Anthropic API                                                                                                  | No       | `false`       |
-| `mcp_config`                   | Additional MCP configuration (JSON string) that merges with the built-in GitHub MCP servers                                                                                    | No       | ""            |
-| `assignee_trigger`             | The assignee username that triggers the action (e.g. @claude). Only used for issue assignment                                                                                  | No       | -             |
-| `label_trigger`                | The label name that triggers the action when applied to an issue (e.g. "claude")                                                                                               | No       | -             |
-| `trigger_phrase`               | The trigger phrase to look for in comments, issue/PR bodies, and issue titles                                                                                                  | No       | `@claude`     |
-| `branch_prefix`                | The prefix to use for Claude branches (defaults to 'claude/', use 'claude-' for dash format)                                                                                   | No       | `claude/`     |
-| `settings`                     | Claude Code settings as JSON string or path to settings JSON file                                                                                                              | No       | ""            |
-| `additional_permissions`       | Additional permissions to enable. Currently supports 'actions: read' for viewing workflow results                                                                              | No       | ""            |
-| `experimental_allowed_domains` | Restrict network access to these domains only (newline-separated).                                                                                                             | No       | ""            |
-| `use_commit_signing`           | Enable commit signing using GitHub's commit signature verification. When false, Claude uses standard git commands                                                              | No       | `false`       |
-| `bot_id`                       | GitHub user ID to use for git operations (defaults to Claude's bot ID)                                                                                                         | No       | `41898282`    |
-| `bot_name`                     | GitHub username to use for git operations (defaults to Claude's bot name)                                                                                                      | No       | `claude[bot]` |
-| `allowed_bots`                 | Comma-separated list of allowed bot usernames, or '\*' to allow all bots. Empty string (default) allows no bots                                                                | No       | ""            |
-| `allowed_non_write_users`      | **⚠️ RISKY**: Comma-separated list of usernames to allow without write permissions, or '\*' for all users. Only works with `github_token` input. See [Security](./security.md) | No       | ""            |
+| Input                            | Description                                                                                                                                                                    | Required | Default       |
+| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | -------- | ------------- |
+| `anthropic_api_key`              | Anthropic API key (required for direct API, not needed for Bedrock/Vertex)                                                                                                     | No\*     | -             |
+| `claude_code_oauth_token`        | Claude Code OAuth token (alternative to anthropic_api_key)                                                                                                                     | No\*     | -             |
+| `prompt`                         | Instructions for Claude. Can be a direct prompt or custom template for automation workflows                                                                                    | No       | -             |
+| `track_progress`                 | Force tag mode with tracking comments. Only works with specific PR/issue events. Preserves GitHub context                                                                      | No       | `false`       |
+| `claude_args`                    | Additional arguments to pass directly to Claude CLI (e.g., `--max-turns 10 --model claude-4-0-sonnet-20250805`)                                                                | No       | ""            |
+| `base_branch`                    | The base branch to use for creating new branches (e.g., 'main', 'develop')                                                                                                     | No       | -             |
+| `use_sticky_comment`             | Use just one comment to deliver PR comments (only applies for pull_request event workflows)                                                                                    | No       | `false`       |
+| `github_token`                   | GitHub token for Claude to operate with. **Only include this if you're connecting a custom GitHub app of your own!**                                                           | No       | -             |
+| `use_bedrock`                    | Use Amazon Bedrock with OIDC authentication instead of direct Anthropic API                                                                                                    | No       | `false`       |
+| `use_vertex`                     | Use Google Vertex AI with OIDC authentication instead of direct Anthropic API                                                                                                  | No       | `false`       |
+| `assignee_trigger`               | The assignee username that triggers the action (e.g. @claude). Only used for issue assignment                                                                                  | No       | -             |
+| `label_trigger`                  | The label name that triggers the action when applied to an issue (e.g. "claude")                                                                                               | No       | -             |
+| `trigger_phrase`                 | The trigger phrase to look for in comments, issue/PR bodies, and issue titles                                                                                                  | No       | `@claude`     |
+| `branch_prefix`                  | The prefix to use for Claude branches (defaults to 'claude/', use 'claude-' for dash format)                                                                                   | No       | `claude/`     |
+| `settings`                       | Claude Code settings as JSON string or path to settings JSON file                                                                                                              | No       | ""            |
+| `additional_permissions`         | Additional permissions to enable. Currently supports 'actions: read' for viewing workflow results                                                                              | No       | ""            |
+| `experimental_allowed_domains`   | Restrict network access to these domains only (newline-separated).                                                                                                             | No       | ""            |
+| `use_commit_signing`             | Enable commit signing using GitHub's commit signature verification. When false, Claude uses standard git commands                                                              | No       | `false`       |
+| `bot_id`                         | GitHub user ID to use for git operations (defaults to Claude's bot ID)                                                                                                         | No       | `41898282`    |
+| `bot_name`                       | GitHub username to use for git operations (defaults to Claude's bot name)                                                                                                      | No       | `claude[bot]` |
+| `allowed_bots`                   | Comma-separated list of allowed bot usernames, or '\*' to allow all bots. Empty string (default) allows no bots                                                                | No       | ""            |
+| `allowed_non_write_users`        | **⚠️ RISKY**: Comma-separated list of usernames to allow without write permissions, or '\*' for all users. Only works with `github_token` input. See [Security](./security.md) | No       | ""            |
+| `path_to_claude_code_executable` | Optional path to a custom Claude Code executable. Skips automatic installation. Useful for Nix, custom containers, or specialized environments                                 | No       | ""            |
+| `path_to_bun_executable`         | Optional path to a custom Bun executable. Skips automatic Bun installation. Useful for Nix, custom containers, or specialized environments                                     | No       | ""            |

 ### Deprecated Inputs

@@ -88,6 +89,7 @@ These inputs are deprecated and will be removed in a future version:
 | `fallback_model`      | **DEPRECATED**: Use `claude_args` with fallback configuration                                | Configure fallback in `claude_args` or `settings`              |
 | `allowed_tools`       | **DEPRECATED**: Use `claude_args` with `--allowedTools` instead                              | Use `claude_args: "--allowedTools Edit,Read,Write"`            |
 | `disallowed_tools`    | **DEPRECATED**: Use `claude_args` with `--disallowedTools` instead                           | Use `claude_args: "--disallowedTools WebSearch"`               |
+| `mcp_config`          | **DEPRECATED**: Use `claude_args` with `--mcp-config` instead                                | Use `claude_args: "--mcp-config '{...}'"`                      |
 | `claude_env`          | **DEPRECATED**: Use `settings` with env configuration                                        | Configure environment in `settings` JSON                       |

 \*Required when using direct Anthropic API (default and when not using Bedrock or Vertex)
--- a/src/create-prompt/index.ts
+++ b/src/create-prompt/index.ts
@@ -384,6 +384,7 @@ export function getEventTypeAndContext(envVars: PreparedContext): {
      };

    case "pull_request":
+    case "pull_request_target":
      return {
        eventType: "PULL_REQUEST",
        triggerContext: eventData.eventAction
@@ -708,7 +709,7 @@ What You CANNOT Do:
 - Modify files in the .github/workflows directory (GitHub App permissions do not allow workflow modifications)

 When users ask you to perform actions you cannot do, politely explain the limitation and, when applicable, direct them to the FAQ for more information and workarounds:
-"I'm unable to [specific action] due to [reason]. You can find more information and potential workarounds in the [FAQ](https://github.com/anthropics/claude-code-action/blob/main/FAQ.md)."
+"I'm unable to [specific action] due to [reason]. You can find more information and potential workarounds in the [FAQ](https://github.com/anthropics/claude-code-action/blob/main/docs/faq.md)."

 If a user asks for something outside these capabilities (and you have no other tools provided), politely explain that you cannot perform that action and suggest an alternative approach if possible.

--- a/src/create-prompt/types.ts
+++ b/src/create-prompt/types.ts
@@ -78,8 +78,7 @@ type IssueLabeledEvent = {
  labelTrigger: string;
 };

-type PullRequestEvent = {
-  eventName: "pull_request";
+type PullRequestBaseEvent = {
  eventAction?: string; // opened, synchronize, etc.
  isPR: true;
  prNumber: string;
@@ -87,6 +86,14 @@ type PullRequestEvent = {
  baseBranch?: string;
 };

+type PullRequestEvent = PullRequestBaseEvent & {
+  eventName: "pull_request";
+};
+
+type PullRequestTargetEvent = PullRequestBaseEvent & {
+  eventName: "pull_request_target";
+};
+
 // Union type for all possible event types
 export type EventData =
  | PullRequestReviewCommentEvent
@@ -96,7 +103,8 @@ export type EventData =
  | IssueOpenedEvent
  | IssueAssignedEvent
  | IssueLabeledEvent
-  | PullRequestEvent;
+  | PullRequestEvent
+  | PullRequestTargetEvent;

 // Combined type with separate eventData field
 export type PreparedContext = CommonFields & {
--- a/src/github/context.ts
+++ b/src/github/context.ts
@@ -174,7 +174,8 @@ export function parseGitHubContext(): GitHubContext {
        isPR: Boolean(payload.issue.pull_request),
      };
    }
-    case "pull_request": {
+    case "pull_request":
+    case "pull_request_target": {
      const payload = context.payload as PullRequestEvent;
      return {
        ...commonFields,
--- a/src/mcp/install-mcp-server.ts
+++ b/src/mcp/install-mcp-server.ts
@@ -3,6 +3,7 @@ import { GITHUB_API_URL, GITHUB_SERVER_URL } from "../github/api/config";
 import type { GitHubContext } from "../github/context";
 import { isEntityContext } from "../github/context";
 import { Octokit } from "@octokit/rest";
+import type { AutoDetectedMode } from "../modes/detector";

 type PrepareConfigParams = {
  githubToken: string;
@@ -12,8 +13,8 @@ type PrepareConfigParams = {
  baseBranch: string;
  claudeCommentId?: string;
  allowedTools: string[];
+  mode: AutoDetectedMode;
  context: GitHubContext;
-  mode: "tag" | "agent";
 };

 async function checkActionsReadPermission(
@@ -65,8 +66,13 @@ export async function prepareMcpConfig(
  try {
    const allowedToolsList = allowedTools || [];

+    // Detect if we're in agent mode (explicit prompt provided)
    const isAgentMode = mode === "agent";

+    const hasGitHubCommentTools = allowedToolsList.some((tool) =>
+      tool.startsWith("mcp__github_comment__"),
+    );
+
    const hasGitHubMcpTools = allowedToolsList.some((tool) =>
      tool.startsWith("mcp__github__"),
    );
@@ -86,7 +92,7 @@ export async function prepareMcpConfig(
    // Include comment server:
    // - Always in tag mode (for updating Claude comments)
    // - Only with explicit tools in agent mode
-    const shouldIncludeCommentServer = !isAgentMode;
+    const shouldIncludeCommentServer = !isAgentMode || hasGitHubCommentTools;

    if (shouldIncludeCommentServer) {
      baseMcpConfig.mcpServers.github_comment = {
--- a/src/modes/agent/index.ts
+++ b/src/modes/agent/index.ts
@@ -135,8 +135,8 @@ export const agentMode: Mode = {
      baseBranch: baseBranch,
      claudeCommentId: undefined, // No tracking comment in agent mode
      allowedTools,
-      context,
      mode: "agent",
+      context,
    });

    // Build final claude_args with multiple --mcp-config flags
--- a/src/modes/agent/parse-tools.ts
+++ b/src/modes/agent/parse-tools.ts
@@ -1,10 +1,10 @@
 export function parseAllowedTools(claudeArgs: string): string[] {
-  // Match --allowedTools followed by the value
+  // Match --allowedTools or --allowed-tools followed by the value
  // Handle both quoted and unquoted values
  const patterns = [
-    /--allowedTools\s+"([^"]+)"/, // Double quoted
-    /--allowedTools\s+'([^']+)'/, // Single quoted
-    /--allowedTools\s+([^\s]+)/, // Unquoted
+    /--(?:allowedTools|allowed-tools)\s+"([^"]+)"/, // Double quoted
+    /--(?:allowedTools|allowed-tools)\s+'([^']+)'/, // Single quoted
+    /--(?:allowedTools|allowed-tools)\s+([^\s]+)/, // Unquoted
  ];

  for (const pattern of patterns) {
--- a/src/modes/tag/index.ts
+++ b/src/modes/tag/index.ts
@@ -14,6 +14,7 @@ import { createPrompt, generateDefaultPrompt } from "../../create-prompt";
 import { isEntityContext } from "../../github/context";
 import type { PreparedContext } from "../../create-prompt/types";
 import type { FetchDataResult } from "../../github/data/fetcher";
+import { parseAllowedTools } from "../agent/parse-tools";

 /**
 * Tag mode implementation.
@@ -112,20 +113,10 @@ export const tagMode: Mode = {

    await createPrompt(tagMode, modeContext, githubData, context);

-    // Get our GitHub MCP servers configuration
-    const ourMcpConfig = await prepareMcpConfig({
-      githubToken,
-      owner: context.repository.owner,
-      repo: context.repository.repo,
-      branch: branchInfo.claudeBranch || branchInfo.currentBranch,
-      baseBranch: branchInfo.baseBranch,
-      claudeCommentId: commentId.toString(),
-      allowedTools: [],
-      context,
-      mode: "tag",
-    });
-
-    // Don't output mcp_config separately anymore - include in claude_args
+    const userClaudeArgs = process.env.CLAUDE_ARGS || "";
+    const userAllowedMCPTools = parseAllowedTools(userClaudeArgs).filter(
+      (tool) => tool.startsWith("mcp__github_"),
+    );

    // Build claude_args for tag mode with required tools
    // Tag mode REQUIRES these tools to function properly
@@ -141,6 +132,7 @@ export const tagMode: Mode = {
      "mcp__github_ci__get_ci_status",
      "mcp__github_ci__get_workflow_run_details",
      "mcp__github_ci__download_job_log",
+      ...userAllowedMCPTools,
    ];

    // Add git commands when not using commit signing
@@ -162,7 +154,18 @@ export const tagMode: Mode = {
      );
    }

-    const userClaudeArgs = process.env.CLAUDE_ARGS || "";
+    // Get our GitHub MCP servers configuration
+    const ourMcpConfig = await prepareMcpConfig({
+      githubToken,
+      owner: context.repository.owner,
+      repo: context.repository.repo,
+      branch: branchInfo.claudeBranch || branchInfo.currentBranch,
+      baseBranch: branchInfo.baseBranch,
+      claudeCommentId: commentId.toString(),
+      allowedTools: Array.from(new Set(tagModeTools)),
+      mode: "tag",
+      context,
+    });

    // Build complete claude_args with multiple --mcp-config flags
    let claudeArgs = "";
--- a/test/install-mcp-server.test.ts
+++ b/test/install-mcp-server.test.ts
@@ -106,8 +106,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: [],
-      context: mockContextWithSigning,
      mode: "tag",
+      context: mockContextWithSigning,
    });

    const parsed = JSON.parse(result);
@@ -130,8 +130,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: ["mcp__github__create_issue", "mcp__github__create_pr"],
-      context: mockContext,
      mode: "tag",
+      context: mockContext,
    });

    const parsed = JSON.parse(result);
@@ -151,8 +151,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: ["mcp__github_inline_comment__create_inline_comment"],
-      context: mockPRContext,
      mode: "tag",
+      context: mockPRContext,
    });

    const parsed = JSON.parse(result);
@@ -172,8 +172,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: [],
-      context: mockContext,
      mode: "tag",
+      context: mockContext,
    });

    const parsed = JSON.parse(result);
@@ -193,8 +193,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: [],
-      context: mockContextWithSigning,
      mode: "tag",
+      context: mockContextWithSigning,
    });

    const parsed = JSON.parse(result);
@@ -213,8 +213,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: [],
-      context: mockContextWithSigning,
      mode: "tag",
+      context: mockContextWithSigning,
    });

    const parsed = JSON.parse(result);
@@ -231,8 +231,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: [],
-      context: mockPRContext,
      mode: "tag",
+      context: mockPRContext,
    });

    const parsed = JSON.parse(result);
@@ -251,8 +251,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: [],
-      context: mockContext,
      mode: "tag",
+      context: mockContext,
    });

    const parsed = JSON.parse(result);
@@ -269,8 +269,8 @@ describe("prepareMcpConfig", () => {
      branch: "test-branch",
      baseBranch: "main",
      allowedTools: [],
-      context: mockPRContext,
      mode: "tag",
+      context: mockPRContext,
    });

    const parsed = JSON.parse(result);
--- a/tests/modes/detector.test.ts
+++ b/tests/modes/detector.test.ts
@@ -20,7 +20,10 @@ describe("detectMode with enhanced routing", () => {
      branchPrefix: "claude/",
      useStickyComment: false,
      useCommitSigning: false,
+      botId: "123456",
+      botName: "claude-bot",
      allowedBots: "",
+      allowedNonWriteUsers: "",
      trackProgress: false,
    },
  };
--- a/test/modes/parse-tools.test.ts
+++ b/test/modes/parse-tools.test.ts
@@ -68,4 +68,20 @@ describe("parseAllowedTools", () => {
      "mcp__github_comment__update",
    ]);
  });
+
+  test("parses kebab-case --allowed-tools", () => {
+    const args = "--allowed-tools mcp__github__*,mcp__github_comment__*";
+    expect(parseAllowedTools(args)).toEqual([
+      "mcp__github__*",
+      "mcp__github_comment__*",
+    ]);
+  });
+
+  test("parses quoted kebab-case --allowed-tools", () => {
+    const args = '--allowed-tools "mcp__github__*,mcp__github_comment__*"';
+    expect(parseAllowedTools(args)).toEqual([
+      "mcp__github__*",
+      "mcp__github_comment__*",
+    ]);
+  });
 });
--- a/test/pull-request-target.test.ts
+++ b/test/pull-request-target.test.ts
@@ -0,0 +1,504 @@
+#!/usr/bin/env bun
+
+import { describe, test, expect } from "bun:test";
+import {
+  getEventTypeAndContext,
+  generatePrompt,
+  generateDefaultPrompt,
+} from "../src/create-prompt";
+import type { PreparedContext } from "../src/create-prompt";
+import type { Mode } from "../src/modes/types";
+
+describe("pull_request_target event support", () => {
+  // Mock tag mode for testing
+  const mockTagMode: Mode = {
+    name: "tag",
+    description: "Tag mode",
+    shouldTrigger: () => true,
+    prepareContext: (context) => ({ mode: "tag", githubContext: context }),
+    getAllowedTools: () => [],
+    getDisallowedTools: () => [],
+    shouldCreateTrackingComment: () => true,
+    generatePrompt: (context, githubData, useCommitSigning) =>
+      generateDefaultPrompt(context, githubData, useCommitSigning),
+    prepare: async () => ({
+      commentId: 123,
+      branchInfo: {
+        baseBranch: "main",
+        currentBranch: "main",
+        claudeBranch: undefined,
+      },
+      mcpConfig: "{}",
+    }),
+  };
+
+  const mockGitHubData = {
+    contextData: {
+      title: "External PR via pull_request_target",
+      body: "This PR comes from a forked repository",
+      author: { login: "external-contributor" },
+      state: "OPEN",
+      createdAt: "2023-01-01T00:00:00Z",
+      additions: 25,
+      deletions: 3,
+      baseRefName: "main",
+      headRefName: "feature-branch",
+      headRefOid: "abc123",
+      commits: {
+        totalCount: 2,
+        nodes: [
+          {
+            commit: {
+              oid: "commit1",
+              message: "Initial feature implementation",
+              author: {
+                name: "External Dev",
+                email: "external@example.com",
+              },
+            },
+          },
+          {
+            commit: {
+              oid: "commit2",
+              message: "Fix typos and formatting",
+              author: {
+                name: "External Dev",
+                email: "external@example.com",
+              },
+            },
+          },
+        ],
+      },
+      files: {
+        nodes: [
+          {
+            path: "src/feature.ts",
+            additions: 20,
+            deletions: 2,
+            changeType: "MODIFIED",
+          },
+          {
+            path: "tests/feature.test.ts",
+            additions: 5,
+            deletions: 1,
+            changeType: "ADDED",
+          },
+        ],
+      },
+      comments: { nodes: [] },
+      reviews: { nodes: [] },
+    },
+    comments: [],
+    changedFiles: [],
+    changedFilesWithSHA: [
+      {
+        path: "src/feature.ts",
+        additions: 20,
+        deletions: 2,
+        changeType: "MODIFIED",
+        sha: "abc123",
+      },
+      {
+        path: "tests/feature.test.ts",
+        additions: 5,
+        deletions: 1,
+        changeType: "ADDED",
+        sha: "abc123",
+      },
+    ],
+    reviewData: { nodes: [] },
+    imageUrlMap: new Map<string, string>(),
+  };
+
+  describe("prompt generation for pull_request_target", () => {
+    test("should generate correct prompt for pull_request_target event", () => {
+      const envVars: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          eventName: "pull_request_target",
+          eventAction: "opened",
+          isPR: true,
+          prNumber: "123",
+        },
+      };
+
+      const prompt = generatePrompt(
+        envVars,
+        mockGitHubData,
+        false,
+        mockTagMode,
+      );
+
+      // Should contain pull request event type and metadata
+      expect(prompt).toContain("<event_type>PULL_REQUEST</event_type>");
+      expect(prompt).toContain("<is_pr>true</is_pr>");
+      expect(prompt).toContain("<pr_number>123</pr_number>");
+      expect(prompt).toContain(
+        "<trigger_context>pull request opened</trigger_context>",
+      );
+
+      // Should contain PR-specific information
+      expect(prompt).toContain(
+        "- src/feature.ts (MODIFIED) +20/-2 SHA: abc123",
+      );
+      expect(prompt).toContain(
+        "- tests/feature.test.ts (ADDED) +5/-1 SHA: abc123",
+      );
+      expect(prompt).toContain("external-contributor");
+      expect(prompt).toContain("<repository>owner/repo</repository>");
+    });
+
+    test("should handle pull_request_target with commit signing disabled", () => {
+      const envVars: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          eventName: "pull_request_target",
+          eventAction: "synchronize",
+          isPR: true,
+          prNumber: "456",
+        },
+      };
+
+      const prompt = generatePrompt(
+        envVars,
+        mockGitHubData,
+        false,
+        mockTagMode,
+      );
+
+      // Should include git commands for non-commit-signing mode
+      expect(prompt).toContain("git push");
+      expect(prompt).toContain(
+        "Always push to the existing branch when triggered on a PR",
+      );
+      expect(prompt).toContain("mcp__github_comment__update_claude_comment");
+
+      // Should not include commit signing tools
+      expect(prompt).not.toContain("mcp__github_file_ops__commit_files");
+    });
+
+    test("should handle pull_request_target with commit signing enabled", () => {
+      const envVars: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          eventName: "pull_request_target",
+          eventAction: "synchronize",
+          isPR: true,
+          prNumber: "456",
+        },
+      };
+
+      const prompt = generatePrompt(envVars, mockGitHubData, true, mockTagMode);
+
+      // Should include commit signing tools
+      expect(prompt).toContain("mcp__github_file_ops__commit_files");
+      expect(prompt).toContain("mcp__github_file_ops__delete_files");
+      expect(prompt).toContain("mcp__github_comment__update_claude_comment");
+
+      // Should not include git command instructions
+      expect(prompt).not.toContain("Use git commands via the Bash tool");
+    });
+
+    test("should treat pull_request_target same as pull_request in prompt generation", () => {
+      const baseContext: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          eventName: "pull_request_target",
+          eventAction: "opened",
+          isPR: true,
+          prNumber: "123",
+        },
+      };
+
+      // Generate prompt for pull_request
+      const pullRequestContext: PreparedContext = {
+        ...baseContext,
+        eventData: {
+          ...baseContext.eventData,
+          eventName: "pull_request",
+          isPR: true,
+          prNumber: "123",
+        },
+      };
+
+      // Generate prompt for pull_request_target
+      const pullRequestTargetContext: PreparedContext = {
+        ...baseContext,
+        eventData: {
+          ...baseContext.eventData,
+          eventName: "pull_request_target",
+          isPR: true,
+          prNumber: "123",
+        },
+      };
+
+      const pullRequestPrompt = generatePrompt(
+        pullRequestContext,
+        mockGitHubData,
+        false,
+        mockTagMode,
+      );
+      const pullRequestTargetPrompt = generatePrompt(
+        pullRequestTargetContext,
+        mockGitHubData,
+        false,
+        mockTagMode,
+      );
+
+      // Both should have the same event type and structure
+      expect(pullRequestPrompt).toContain(
+        "<event_type>PULL_REQUEST</event_type>",
+      );
+      expect(pullRequestTargetPrompt).toContain(
+        "<event_type>PULL_REQUEST</event_type>",
+      );
+
+      expect(pullRequestPrompt).toContain(
+        "<trigger_context>pull request opened</trigger_context>",
+      );
+      expect(pullRequestTargetPrompt).toContain(
+        "<trigger_context>pull request opened</trigger_context>",
+      );
+
+      // Both should contain PR-specific instructions
+      expect(pullRequestPrompt).toContain(
+        "Always push to the existing branch when triggered on a PR",
+      );
+      expect(pullRequestTargetPrompt).toContain(
+        "Always push to the existing branch when triggered on a PR",
+      );
+    });
+
+    test("should handle pull_request_target in agent mode with custom prompt", () => {
+      const envVars: PreparedContext = {
+        repository: "test/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        prompt: "Review this pull_request_target PR for security issues",
+        eventData: {
+          eventName: "pull_request_target",
+          eventAction: "opened",
+          isPR: true,
+          prNumber: "789",
+        },
+      };
+
+      // Use agent mode which passes through the prompt as-is
+      const mockAgentMode: Mode = {
+        name: "agent",
+        description: "Agent mode",
+        shouldTrigger: () => true,
+        prepareContext: (context) => ({
+          mode: "agent",
+          githubContext: context,
+        }),
+        getAllowedTools: () => [],
+        getDisallowedTools: () => [],
+        shouldCreateTrackingComment: () => true,
+        generatePrompt: (context) => context.prompt || "default prompt",
+        prepare: async () => ({
+          commentId: 123,
+          branchInfo: {
+            baseBranch: "main",
+            currentBranch: "main",
+            claudeBranch: undefined,
+          },
+          mcpConfig: "{}",
+        }),
+      };
+
+      const prompt = generatePrompt(
+        envVars,
+        mockGitHubData,
+        false,
+        mockAgentMode,
+      );
+
+      expect(prompt).toBe(
+        "Review this pull_request_target PR for security issues",
+      );
+    });
+
+    test("should handle pull_request_target with no custom prompt", () => {
+      const envVars: PreparedContext = {
+        repository: "test/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          eventName: "pull_request_target",
+          eventAction: "synchronize",
+          isPR: true,
+          prNumber: "456",
+        },
+      };
+
+      const prompt = generatePrompt(
+        envVars,
+        mockGitHubData,
+        false,
+        mockTagMode,
+      );
+
+      // Should generate default prompt structure
+      expect(prompt).toContain("<event_type>PULL_REQUEST</event_type>");
+      expect(prompt).toContain("<pr_number>456</pr_number>");
+      expect(prompt).toContain(
+        "Always push to the existing branch when triggered on a PR",
+      );
+    });
+  });
+
+  describe("pull_request_target vs pull_request behavior consistency", () => {
+    test("should produce identical event processing for both event types", () => {
+      const baseEventData = {
+        eventAction: "opened",
+        isPR: true,
+        prNumber: "100",
+      };
+
+      const pullRequestEvent: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          ...baseEventData,
+          eventName: "pull_request",
+          isPR: true,
+          prNumber: "100",
+        },
+      };
+
+      const pullRequestTargetEvent: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          ...baseEventData,
+          eventName: "pull_request_target",
+          isPR: true,
+          prNumber: "100",
+        },
+      };
+
+      // Both should have identical event type detection
+      const prResult = getEventTypeAndContext(pullRequestEvent);
+      const prtResult = getEventTypeAndContext(pullRequestTargetEvent);
+
+      expect(prResult.eventType).toBe(prtResult.eventType);
+      expect(prResult.triggerContext).toBe(prtResult.triggerContext);
+    });
+
+    test("should handle edge cases in pull_request_target events", () => {
+      // Test with minimal event data
+      const minimalContext: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          eventName: "pull_request_target",
+          isPR: true,
+          prNumber: "1",
+        },
+      };
+
+      const result = getEventTypeAndContext(minimalContext);
+      expect(result.eventType).toBe("PULL_REQUEST");
+      expect(result.triggerContext).toBe("pull request event");
+
+      // Should not throw when generating prompt
+      expect(() => {
+        generatePrompt(minimalContext, mockGitHubData, false, mockTagMode);
+      }).not.toThrow();
+    });
+
+    test("should handle all valid pull_request_target actions", () => {
+      const actions = ["opened", "synchronize", "reopened", "closed", "edited"];
+
+      actions.forEach((action) => {
+        const context: PreparedContext = {
+          repository: "owner/repo",
+          claudeCommentId: "12345",
+          triggerPhrase: "@claude",
+          eventData: {
+            eventName: "pull_request_target",
+            eventAction: action,
+            isPR: true,
+            prNumber: "1",
+          },
+        };
+
+        const result = getEventTypeAndContext(context);
+        expect(result.eventType).toBe("PULL_REQUEST");
+        expect(result.triggerContext).toBe(`pull request ${action}`);
+      });
+    });
+  });
+
+  describe("security considerations for pull_request_target", () => {
+    test("should maintain same prompt structure regardless of event source", () => {
+      // Test that external PRs don't get different treatment in prompts
+      const internalPR: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          eventName: "pull_request",
+          eventAction: "opened",
+          isPR: true,
+          prNumber: "1",
+        },
+      };
+
+      const externalPR: PreparedContext = {
+        repository: "owner/repo",
+        claudeCommentId: "12345",
+        triggerPhrase: "@claude",
+        eventData: {
+          eventName: "pull_request_target",
+          eventAction: "opened",
+          isPR: true,
+          prNumber: "1",
+        },
+      };
+
+      const internalPrompt = generatePrompt(
+        internalPR,
+        mockGitHubData,
+        false,
+        mockTagMode,
+      );
+      const externalPrompt = generatePrompt(
+        externalPR,
+        mockGitHubData,
+        false,
+        mockTagMode,
+      );
+
+      // Should have same tool access patterns
+      expect(
+        internalPrompt.includes("mcp__github_comment__update_claude_comment"),
+      ).toBe(
+        externalPrompt.includes("mcp__github_comment__update_claude_comment"),
+      );
+
+      // Should have same branch handling instructions
+      expect(
+        internalPrompt.includes(
+          "Always push to the existing branch when triggered on a PR",
+        ),
+      ).toBe(
+        externalPrompt.includes(
+          "Always push to the existing branch when triggered on a PR",
+        ),
+      );
+    });
+  });
+});
Author	SHA1	Message	Date
Claude	a6bed21f34	docs: make README more Australian with authentic Aussie slang and expressions Transform the README to use Australian vernacular including: - "G'day mate" greeting and friendly Aussie tone - Replaced "Features" with "What's the Go?" - Added authentic expressions like "fair dinkum", "ripper", "beauty" - Used classic phrases like "Bob's your uncle", "cat's pyjamas", "she'll be right" - Added cultural references and colloquialisms throughout - Maintained technical accuracy while adding Australian charm 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-07 23:15:08 +00:00
GitHub Actions	b2dd1006a0	chore: bump Claude Code version to 2.0.10	2025-10-07 21:14:39 +00:00
GitHub Actions	ac1a3207f3	chore: bump Claude Code version to 2.0.9	2025-10-06 21:57:24 +00:00
Ashwin Bhat	521d069da7	docs: add prompt injection security note (#604 ) * docs: add prompt injection security note Add warning about potential hidden markdown in untrusted content from external contributors. Documents existing sanitization measures while acknowledging new bypass techniques may emerge. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> * Update docs/security.md Co-authored-by: David Dworken <dworken@anthropic.com> * format --------- Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: David Dworken <dworken@anthropic.com>	2025-10-06 09:51:50 -07:00
GitHub Actions	7e4b782d5f	chore: bump Claude Code version to 2.0.8	2025-10-04 23:17:33 +00:00
GitHub Actions	4fb0ef3be0	chore: bump Claude Code version to 2.0.5	2025-10-02 19:29:43 +00:00
GitHub Actions	14ac8aa20e	chore: bump Claude Code version to 2.0.1	2025-10-01 02:30:10 +00:00
Ashwin Bhat	90d189f3ab	fix: update permission test prompts to trigger actual tool usage (#596 ) Changed test prompts from communication-style echo commands to legitimate technical operations. This ensures Claude attempts the Bash tool call (which then gets blocked by permissions) instead of refusing based on communication guidelines. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>	2025-09-30 18:04:13 -07:00
GitHub Actions	9c09b26b2d	chore: bump Claude Code version to 2.0.2	2025-10-01 00:48:36 +00:00
GitHub Actions	2086c977a5	chore: bump Claude Code version to 2.0.1	2025-09-30 02:45:30 +00:00
GitHub Actions	851ef5b84e	chore: bump Claude Code version to 2.0.0	2025-09-29 16:45:58 +00:00
Song Huang	1ce8153c18	docs: fix the faq doc link (#593 )	2025-09-28 10:02:17 -07:00
GitHub Actions	00391ab25e	chore: bump Claude Code version to 1.0.128	2025-09-27 16:44:46 +00:00
GitHub Actions	426380f01b	chore: bump Claude Code version to 1.0.127	2025-09-26 18:15:45 +00:00
GitHub Actions	77f51d2905	chore: bump Claude Code version to 1.0.126	2025-09-26 01:13:47 +00:00
GitHub Actions	7e5b42b197	chore: bump Claude Code version to 1.0.124	2025-09-25 04:23:38 +00:00
GitHub Actions	1b7c7a77d3	chore: bump Claude Code version to 1.0.123	2025-09-23 23:48:31 +00:00
Vibhor Agrawal	bd70a3ef2b	fix: add support for pull_request_target event in GitHub Actions workflows (#579 ) Add pull_request_target event support to enable Claude Code usage with forked repositories while maintaining proper security boundaries. This resolves issues with dependabot PRs and external contributions that require write permissions. Changes: - Add pull_request_target to supported GitHub events in context parsing - Update type definitions to include PullRequestTargetEvent - Modify IS_PR calculation to detect pull_request_target as PR context - Add comprehensive test coverage for pull_request_target workflows - Update documentation to reflect pull_request_target support The pull_request_target event provides the same payload structure as pull_request but runs with write permissions from the base repository, making it ideal for secure automation of external contributions. Fixes #347	2025-09-22 09:20:27 -07:00
marcus	f4954b5256	removed mcp_config as input from usage.md and added to deprecated inputs with instructions to migrate to --mcp-config instead (#574 )	2025-09-22 09:19:26 -07:00
Leonardo Yvens	93f8ab56c2	Add support for kebab-case --allowed-tools flag (#581 ) - Update parseAllowedTools to accept both --allowedTools and --allowed-tools - Add regex alternation to support both camelCase and kebab-case variants - Add test cases for unquoted and quoted kebab-case formats - All existing tests continue to pass 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>	2025-09-22 09:18:04 -07:00
GitHub Actions	93028b410e	chore: bump Claude Code version to 1.0.120	2025-09-19 23:55:52 +00:00
GitHub Actions	838d4d9d25	chore: bump Claude Code version to 1.0.119	2025-09-19 00:53:43 +00:00
GitHub Actions	7ed3b616d5	chore: bump Claude Code version to 1.0.117	2025-09-16 23:49:28 +00:00
kashyap murali	09ea2f00e1	Delete .github/workflows/claude-test.yml (#573 )	2025-09-16 13:46:34 -07:00
GitHub Actions	455b943dd7	chore: bump Claude Code version to 1.0.115	2025-09-16 00:52:01 +00:00
GitHub Actions	063d17ebb2	chore: bump Claude Code version to 1.0.113	2025-09-13 02:32:28 +00:00
Kevin Cui	2e92922dd6	fix(tag): no such tool available mcp__github_* (#556 ) Signed-off-by: Kevin Cui <bh@bugs.cc> # Conflicts: # src/mcp/install-mcp-server.ts # src/modes/tag/index.ts # test/modes/agent.test.ts	2025-09-12 12:33:34 -07:00
GitHub Actions	a5528eec74	chore: bump Claude Code version to 1.0.112	2025-09-12 01:14:51 +00:00
Benny Yen	1d4650c102	fix: update test workflow reference in test-local.sh (#564 ) * fix: update test workflow reference in test-local.sh Change workflow file from test-action.yml to test-base-action.yml 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * docs(CLAUDE): update test workflow reference in CLAUDE.md --------- Co-authored-by: Claude <noreply@anthropic.com>	2025-09-11 07:25:16 -07:00
Benny Yen	86d6f44e34	chore: consolidate duplicate test directories (#565 ) Move detector.test.ts from tests/modes/ to test/modes/ and fix TypeScript type errors by adding missing required properties (botId, botName, allowedNonWriteUsers). Remove empty tests/ directory structure. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>	2025-09-11 07:24:55 -07:00
GitHub Actions	c1adac956c	chore: bump Claude Code version to 1.0.111	2025-09-10 23:56:22 +00:00
Ashwin Bhat	f197e7bfd5	docs: add documentation for path_to_claude_code_executable and path_to_bun_executable inputs (#562 ) Add documentation for the two previously undocumented inputs that allow users to provide custom executables for specialized environments: - path_to_claude_code_executable: for custom Claude Code binaries - path_to_bun_executable: for custom Bun runtime These inputs are particularly useful for environments like Nix, NixOS, custom containers, and other package management systems where the default installation may not work. Updated files: - docs/usage.md: Added to inputs table - docs/faq.md: Added FAQ entry with examples and use cases - docs/configuration.md: Added dedicated section with examples 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>	2025-09-10 16:27:28 -07:00
Ashwin Bhat	89f9131f6c	Add PostToolUse hook for automatic formatting (#563 ) Added a PostToolUse hook that automatically runs `bun run format` after Edit, Write, or MultiEdit operations, similar to the Python SDK's ruff formatting hook. This ensures code is automatically formatted whenever changes are made. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Claude <noreply@anthropic.com>	2025-09-10 13:19:53 -07:00
Jimmy Utterström	b78e1c0244	feat: Add ANTHROPIC_CUSTOM_HEADERS environment variable support (#561 )	2025-09-10 09:42:54 -07:00
GitHub Actions	abf075daf2	chore: bump Claude Code version to 1.0.110	2025-09-10 00:20:34 +00:00